package com.gzhu.knowledgeAdmin.common.config;


import com.gzhu.knowledgeAdmin.filter.TokenAuthenticationFilter;
import com.gzhu.knowledgeAdmin.filter.TokenLoginFilter;
import com.gzhu.knowledgeAdmin.security.DefaultPasswordEncoder;
import com.gzhu.knowledgeAdmin.security.TokenLogoutHandler;
import com.gzhu.knowledgeAdmin.security.TokenManager;
import com.gzhu.knowledgeAdmin.security.UnauthorizedEntryPoint;
import com.gzhu.knowledgeAdmin.service.XtyhService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

/**
 * <p>
 * Security配置类
 * </p>
 *
 * @author qy
 * @since 2019-11-18
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {

    //自定义查询数据库用户名密码和权限信息
    private UserDetailsService userDetailsService;
    private TokenManager tokenManager;
    private DefaultPasswordEncoder defaultPasswordEncoder;
    private StringRedisTemplate stringRedisTemplate;
    private XtyhService xtyhService;

    @Autowired
    public TokenWebSecurityConfig(UserDetailsService userDetailsService, DefaultPasswordEncoder defaultPasswordEncoder,
                                  TokenManager tokenManager, StringRedisTemplate redisTemplate, XtyhService xtyhService) {
        this.userDetailsService = userDetailsService;
        this.defaultPasswordEncoder = defaultPasswordEncoder;
        this.tokenManager = tokenManager;
        this.stringRedisTemplate = redisTemplate;
        this.xtyhService = xtyhService;
    }

    /**
     * 配置设置
	 *通过设置usernameParmeter("")、passwordParmeter("")用户名、密码的参数名称
	 *
     */
    //设置退出的地址和认证、授权过滤器
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.exceptionHandling()
                .authenticationEntryPoint(new UnauthorizedEntryPoint())
                .and().csrf().disable()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and().logout().logoutUrl("/admin/acl/index/logout")
                .addLogoutHandler(new TokenLogoutHandler(tokenManager,stringRedisTemplate)).and()
                .addFilter(new TokenLoginFilter(authenticationManager(), tokenManager, stringRedisTemplate,xtyhService))
                .addFilter(new TokenAuthenticationFilter(authenticationManager(), tokenManager, stringRedisTemplate)).httpBasic();
    }

    /**
     * 密码处理
     * @param auth
     * @throws Exception
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(defaultPasswordEncoder);
    }

    /**
     * 配置哪些请求不拦截
     * @param web
     * @throws Exception
     */
    @Override
    public void configure(WebSecurity web)  {
        web.ignoring().antMatchers("/api/**",
                "/swagger-resources/**", "/webjars/**", "/v2/**", "/swagger-ui.html/**","/file/**",
                "/knowledgeAdmin/zs/getAnswer","/knowledgeAdmin/zs/cache/*","/knowledgeAdmin/xtyh/captcha.jpg","/audio/**"
               , "/template", "/template/call/list", "/template/getBeginTemplate","/dxjg/**","/dxmb/**","/knowledgeAdmin/rwjgjf/**","/task/allTasks/**",
                "/task/allTasksWithCompanyName/**","/detail/findAllWithRwmc/**");
    }
}